2019 CLOUD SECURITY
TRENDS & PREDICTIONS
INDUSTRY REPORT
Cloudneeti Security Research Team
January 2019
Table of Contents
1 INTRODUCTION
2 PUBLIC CLOUD COMPUTING USAGE TRENDS
2.1 By 2020, 41% of overall workloads will run in public cloud
2.2 By 2020, Serverless (FPaaS) adoption will supersede Container adoption
3 2019 CLOUD SECURITY PREDICTIONS
PREDICTION 1 Host and Network based security products will see a net decline.
PREDICTION 2 Identity & Access will start becoming the primary perimeter defense.
PREDICTION 3 Cloud providers will take on a major role in security.
PREDICTION 4 Cloud native and DevSecOps movement will drive Security to be left-shifted.
PREDICTION 5 Continuous Compliance will start becoming mainstay
PREDICTION 6 SOAR becomes effective
PREDICTION 7 SIEM from Cloud providers will start disrupting traditional SIEM providers
PREDICTION 8 MSPs and MSSPs will bring in cloud security offerings
PREDICTION 9 Cloud privacy concerns are on the rise
PREDICTION 10 IoT Security will be a concern.
4 WRAP UP
1 INTRODUCTION
Continued growth in public cloud computing adoption has spawned a host of security concerns over the last few years.
Source: 2018 Cloud Security Report
Correspondingly the Enterprise security spend (5yr CAGR) has shot through the roof.
Source: Gartner Information Security Spend Report
At Cloudneeti, our Cloud Security Research team has been working with Customers, Partners, Market Analysts,
Auditors and Hyperscale cloud providers. We decided to put our insights together. As is our culture, we primarily
eliminated opinions and relied mostly on data to decide on the top 10 predictions.
2 PUBLIC CLOUD COMPUTING USAGE TRENDS
2.1 BY 2020, 41% OF OVERALL WORKLOADS WILL RUN IN PUBLIC CLOUD
Industry pundits predict widely varying public cloud computing growth, from 83% of workloads in public cloud by
2022 (a few Forbes articles) to a modest 17% in surveys conducted by on-premises/data center vendors. Taking the
generally accepted industry average of 41% of workloads in public cloud and drilling down to its constituents:
Per Gartner, by 2020
• PaaS and IaaS will account for 31% of cloud spending
• SaaS will be a whopping 42% of overall IT spending
Source: Logic Monitor Cloud Vision 2020 Source: Gartner
2.2 BY 2020, SERVERLESS (FPAAS) ADOPTION WILL SUPERSEDE CONTAINER ADOPTION
Dynamic cloud usage is all about exploiting automatic allocation and de-allocation
of resources on the fly. Auto-scaling, with no cost when not in use, is a trend that is
catching on. Most container deployments today (2018) still require a few static VMs that
the business must pay for even when no actual traffic or utilization exists. Auto-scaled
Kubernetes (with Kubelets) is a trend to watch; however, FaaS already shows the
way to the promised land.
Public cloud usage will start tilting to FaaS (fPaaS) by 2020.
Source: 2018 New Relic serverless cloud survey
3 2019 CLOUD SECURITY PREDICTIONS
PREDICTION 1: HOST AND NETWORK BASED SECURITY PRODUCTS
WILL SEE A NET DECLINE.
If the network is becoming a barrier to innovation, and most security breaches are not being prevented by a
hardened network, we wonder whether network-based security solutions will have much of a role in the future.
The real industry trends and what the network equipment/security providers say are really two different things.
Some noticeable trends:
• 84% of organizations say traditional security solutions don’t work in cloud environments. (Crowd Research Partners)
• Intrusion Prevention Systems (IPS) have a 5yr CAGR of -5.9%: That’s right, negative 5.9%. Worldwide spending on intrusion prevention equipment and related services is seeing a drop in the forecast.
• 3rd party WAF and DDoS are growing relatively slowly. Sure, public cloud providers are taking some of the market away.
Network security companies have started to move to the
cloud (evolving trend), or move to adjacent areas of
growth – in IoT, end-user security etc.
Here’s a quick Magic Quadrant of the Enterprise firewall
market.
PREDICTION 2: IDENTITY & ACCESS WILL START BECOMING THE
PRIMARY PERIMETER DEFENSE.
Application boundaries have been expanding across the enterprise, its partners and their supply chain ecosystem. As
physical network boundaries continue to crumble, the next available perimeter (and probably the primary one) will
be the IAM (Identity & Access Management) layer.
Let’s also look at some of the trends driving this change:
• Serverless and PaaS are proliferating. Networking in such cases is not a standard practice.
• 80% of security breaches involve privileged credentials. (Forrester)
• Employees, vendors and partners are most likely not always within a defined network perimeter. Roaming or working from home is very prevalent.
In June 2017, NIST published NIST SP 800-53 – Digital Identity Guidelines. This made identity a mainstream
subject, clearly differentiating identity, authentication and federation.
No wonder that, with all the digitalization in progress, the identity startup landscape has exploded.
PREDICTION 3: CLOUD PROVIDERS WILL TAKE ON A MAJOR ROLE IN
SECURITY.
Cloud providers have taken giant steps in bringing out native security management products (Azure Security
Center, AWS Security Hub, AWS Shield, AWS Guard Duty, AWS Macie etc.). This momentum of features and
proportional adoption will continue.
Here are some major capabilities… and growing
HYPERSCALE CLOUD PLATFORMS

| Security capability | AWS | Azure |
|---|---|---|
| Threat Management | AWS Guard Duty for EC2 | Azure Security Center (VMs, SQL Databases) |
| Security Configuration Recommendations | AWS Trusted Advisor | Azure Security Center |
| Object Storage Threat Protection | AWS Macie | Azure Storage Advanced Threat Protection |
| Key Management | AWS KMS | Azure Key Vault – Keys |
| Secrets Management | AWS Secrets Manager | Azure Key Vault – Secrets |
| Security Assessments | AWS Inspector | Azure Security Center |
| Identity and Access Management | AWS IAM; AWS Cognito; Amazon Cloud Directory | Azure Active Directory |
| Certificate Management | AWS Certificate Manager | Azure Key Vault – Certificates |
| Security Operations | AWS Security Hub | Azure Security Center |
| DDoS protection | AWS Shield | Azure DDoS Standard |
| Blockchain | AWS Quantum Ledger Database; AWS Managed Blockchain | Azure Blockchain Workbench |
| IoT Security | AWS IoT Device Defender | Azure IoT Hub; Azure IoT Edge Security Manager |
| Web Application Firewall | AWS WAF | Azure Application Gateway (WAF); Azure Front Door (WAF) |
| Many more… | … | … |
We don’t expect the barrage of features to stop anytime soon. In fact, more will be released, and their adoption
will be faster.
PREDICTION 4: CLOUD NATIVE AND DEVSECOPS MOVEMENT WILL
DRIVE SECURITY TO BE LEFT-SHIFTED.
• At the mid-2018 RSA conference, there was a lot of talk about how the DevSecOps movement is becoming a global phenomenon
• In late 2018, there were more definitions of what the team sizes for DevSecOps should be: 10 AppDev :: 1 Ops :: 1 Security
• Launches of new conference themes (DevSecCon), training programs, and a very broad vendor landscape
You see the picture. DevSecOps has become a movement.
And every global movement needs to have a manifesto,
right?
Well, here’s one for DevSecOps
Source: https://www.devsecops.org/
Needless to say, the DevSecOps movement reflects that InfoSec and application
development teams have started to understand what NIST has been saying for
some time: measure it, and fix it early in the development cycle.
PREDICTION 5: CONTINUOUS COMPLIANCE WILL START BECOMING
MAINSTAY
Ever since cloud computing started becoming a mainstay, most survey reports have kept mentioning that the biggest
concern for adoption is security and compliance.
Gartner, Forrester and many other Industry pundits have been coining terms like CARTA (Continuous adaptive
risk and trust assessment), Integrated Risk Management (IRM), Cloud Security Posture Management (CSPM). The
vendors in this space are growing and overlapping the security, compliance and risk domains.
Some notable trends:
• Enterprises spend 20% of IT effort in gathering evidence
• Managing GRC for cloud workloads is, in general, complex and expensive, and there is a dearth of talent.
• Cloud computing has enabled business to be agile. The velocity of application releases has rapidly gone up.
Frequent and manual compliance assessments will be a thing of the past. Maybe, once a year a risk advisor team
is brought on to assess and validate business risks, prepare documentation etc. But beyond that, day-to-day
management of compliance deviations will be mostly an in-house practice.
We think the following quote summarizes it all
"If you think compliance is expensive, try non-compliance." - Former U.S. Deputy Attorney General Paul McNulty
PREDICTION 6: SOAR BECOMES EFFECTIVE
Enterprises are struggling to keep up with the growing threat landscape: too many manual processes, a cloud and
security skills gap, and inefficient SOC (security operations center) alerts. SOAR seems to be the evolving answer to
this deluge of information.
Security Orchestration, Automation and Response (SOAR) is the coordination of automated security tasks across
connected security applications and processes. It remains to be seen whether SOAR will exist as a stand-alone category
or be subsumed by (1) SIEM or (2) Cloud Platform Management.
SOAR aggregates all logs, 3rd party intelligence and vulnerability scanning findings, and can automate decision
making, create smart alerts, and help auto-tune the tools to provide the analysts with quality, actionable items.
Very likely, the traditional SIEM platforms will add SOAR modules. In 2019, it is highly likely that SOAR on public
cloud will not be a platform play, but purpose-built serverless automation on top of SIEM and the AWS and Azure
logging data stores.
PREDICTION 7: SIEM FROM CLOUD PROVIDERS WILL START
DISRUPTING TRADITIONAL SIEM PROVIDERS
The likes of Splunk, LogRhythm, FireEye and IBM will start facing stiffer competition from the likes of AWS Cloud
Watch Log Analytics and Microsoft Azure Log Analytics.
Although the cloud providers don’t yet advertise their products to be a SIEM, the features, data connectors and
analytics options all indicate that it won’t be long. Gartner and Forrester don’t predict this as yet, however we
certainly believe that a cloud native log analytics solution will be much more relevant and cost effective,
especially if your workload is hosted in public cloud.
The team at Cloudneeti doesn’t predict this will happen in 2019; however, cloud providers have rolled the dice and
the journey has begun. By late 2020/early 2021, SIEM spend will start tipping towards the cloud providers’ native
SIEM solutions.
PREDICTION 8: MSPS AND MSSPS WILL BRING IN CLOUD SECURITY
OFFERINGS
Enterprises continue to fight the battle between ‘focus on functionality’ vs. ‘focus on technology’, knowing very
well that technology can be a differentiator. The traditional exploiters of this battle have been Managed
Service Providers. The MSP and MSSP business is on the rise, especially for the ones who can differentiate.
Security and compliance are huge differentiators; after all, managed security services is forecast to be a $40B
market by 2022.
"Cloud security is normally a function of competency. If Organizations don't know
what they're doing, they tend to do the wrong thing." - Gartner
Gartner and Forrester rate MSPs and MSSPs based on their capabilities, scale and deep delivery expertise.
Here are three to-dos for MSPs:
1. Build DevSecOps capabilities: Know how to harden cloud infrastructure at the time of resource
provisioning. Research has shown that the more cloud native components you build, the lower the cost of
operations for the customer.
2. Monitoring Security and Compliance: Employ tooling and expertise like Cloudneeti to monitor security
posture and automate compliance reporting. These services will earn trust and confidence from your
customers.
3. Security Operations: Not every enterprise wants a heavy-handed Security Operations Center. The more
they can get from an MSP, at a lower cost YoY, the more they buy it. MSPs should package lite-SOC as
part of their Infrastructure Managed Services portfolio.
PREDICTION 9: CLOUD PRIVACY CONCERNS ARE ON THE RISE
Businesses that are not noticing the data privacy trends - EU’s GDPR, California privacy act, consent
management, regional privacy laws (US, China, India, South Korea, Russia, Japan) - will pay
significantly high compliance costs and skyrocketing regulatory fines (4% of annual revenue) in 2019 and
beyond.
Only 12% of global IT organizations understand
how GDPR will affect their cloud services.
(Commvault)
Facebook’s loose privacy settings allowed for significant damage to its reputation, influencing election outcomes,
large scale analytics of PII data leading to targeted ads, product marketing and other significant trends.
There’s quite a lot of debate and confusion about what
the terms security and privacy mean.
Security is required for Privacy. However, privacy is
primarily focused on consented collection,
appropriate use, data remanence (retention and
destruction), quality, and access.
Here’s a Wikipedia article for TL;DR:
https://en.wikipedia.org/wiki/Privacy
Some evolving technologies to watch for include:
1. Consent management
2. Automated data classification influencing access controls
3. Blockchain and multiparty computing (MPC)
4. Data loss prevention (specifically cloud application discovery, data sanitization, dynamic data masking and
zero knowledge proofs)
PREDICTION 10: IOT SECURITY WILL BE A CONCERN.
Cloud empowers IoT. Imagine this data point:
"A single autonomous test vehicle produces about 30 TB per day, which is 3,000 times the scope of Twitter’s daily data." - Dell EMC
Hyperscale platforms like AWS and Azure entice the Auto Industry with cheaper storage (data lake storage getting
priced at ½ of regular object storage). IoT will benefit a lot more with massive data analytics powered by the
hyperscale providers.
Here are two images to illustrate the trends in IoT security.
IoT security will become a larger concern for 2019. Here are some top predictions:
1. IoT attacks will become rampant: VPNFilter, Wicked, OMG and Mirai, ADB.Miner, DoubleDoor, Hide ‘N
Seek and more will be resurgent in 2019. Device security will be a requirement even for pilots.
2. Regulators will flex the compliance muscle: e.g. the “B-327 Information Privacy: Connected devices” bill, which is
the first to focus on IoT devices, requiring them to be secure and to protect the user’s privacy. This bill
demonstrates that governments can, and will, be involved in regulating IoT devices.
3. Cloud Infrastructure and Data Security: Connection hijacking and insecure cloud infrastructure will expose
collected data to attackers. Anonymization, encryption and secure data processing will be even more
important.
4 WRAP UP
"We are so focused on getting it to ‘just work’ that we spend little time ensuring that it is working in a secure manner." - CSO Journal
While you take a moment to ponder the
predictions, there is a lot of good news to consider.
1. Public cloud is generally more secure than
your traditional data centers. And it will get
easier to manage security in public cloud.
2. 98% of attacks will exploit vulnerabilities
discovered at least a year ago.
3. Automation of best practices lowers total cost
of operations
Let us know ([email protected]) what you think about the predictions.
We wish a happy new year to all.
- By Cloudneeti Security Team.
About Cloudneeti
Cloudneeti is a software-as-a-service product company in
Continuous Cloud Assurance, headquartered in Redmond,
WA, USA. Cloudneeti enables businesses to improve
visibility and enforce standards with automated posture
monitoring, compliance reporting and guided
remediations.
Leveraging native cloud APIs, Cloudneeti solves the
challenges of managing security, privacy and compliance by
providing instant visibility of cloud security posture, active
validation of cloud configuration & compliance, and
ongoing governance of cloud assets.
Out of the box validations for
CIS, CSA, NIST 800-35, NIST CSF, ISO 27001, GDPR, PCI-DSS 3.2, HIPAA, FFIEC, NCSC (UK), RBI (India)
Website:
https://www.cloudneeti.com
Email:
Free Trial:
https://www.cloudneeti.com/request-a-free-trial/